From cd0f5c9bf3087ddc90c45e8b045be040baf85e0d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc=20Pe=C3=B1a=20Segarra?= Date: Mon, 16 May 2022 00:04:31 +0200 Subject: [PATCH 1/4] fix: update project branch if default branch was renamed If we don't do this everything seems to work fine, but Snyk is not able to open PRs, at least manually, returning `Could not get SHA for branch` errors. Fixes #64 --- app/app.py | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/app/app.py b/app/app.py index 1d5b39b..825724b 100755 --- a/app/app.py +++ b/app/app.py @@ -131,7 +131,17 @@ def run(): else: app_print(snyk_repo.org_name, snyk_repo.full_name, - "Branch was just renamed, leaving as-is") + "Default branch was renamed, updating project branch") + updated_projects = snyk_repo.update_branch( + gh_repo_status.repo_default_branch, + common.ARGS.dry_run) + for project in updated_projects: + if not common.ARGS.dry_run: + app_print(snyk_repo.org_name, + snyk_repo.full_name, + f"Monitored branch set to " \ + f"{gh_repo_status.repo_default_branch} " \ + f"for: {project['manifest']}") else: #find deltas app_print(snyk_repo.org_name, snyk_repo.full_name, From d0735398495b980663788d9587cb52426c7e08bd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc=20Pe=C3=B1a=20Segarra?= Date: Mon, 16 May 2022 00:11:27 +0200 Subject: [PATCH 2/4] fix: use f-string for path in update_project_branch --- app/utils/snyk_helper.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/utils/snyk_helper.py b/app/utils/snyk_helper.py index 1a1c266..1faab66 100644 --- a/app/utils/snyk_helper.py +++ b/app/utils/snyk_helper.py @@ -337,7 +337,7 @@ def process_import_status_checks(import_status_checks): def update_project_branch(project_id, project_name, org_id, new_branch_name): """ update snyk project monitored branch """ org = common.snyk_client.organizations.get(org_id) - path = "org/{org.id}/project/{project_id}" + path = f"org/{org.id}/project/{project_id}" payload = { "branch": new_branch_name From c2ae985fea0de3c0f1a7b91cdeb6cd3450b1bbca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc=20Pe=C3=B1a=20Segarra?= Date: Mon, 16 May 2022 23:52:54 +0200 Subject: [PATCH 3/4] fix: add .venv to gitignore --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index d455c85..ad81371 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ *.csv *.log __pycache__* +.venv From e270843ad9531d8c86ba503982667d626f74a8e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc=20Pe=C3=B1a=20Segarra?= Date: Fri, 3 Jun 2022 23:25:10 +0200 Subject: [PATCH 4/4] fix: remove is_default_branch_renamed and always update Snyk's branch if it differs from GitHub one --- app/app.py | 44 ++++---------------------------------------- app/gh_repo.py | 31 ------------------------------- 2 files changed, 4 insertions(+), 71 deletions(-) diff --git a/app/app.py b/app/app.py index 825724b..4de83e1 100755 --- a/app/app.py +++ b/app/app.py @@ -9,7 +9,6 @@ from app.models import ImportStatus from app.gh_repo import ( get_gh_repo_status, - is_default_branch_renamed, is_gh_repo_truncated, get_git_tree_from_api ) @@ -97,47 +96,12 @@ def run(): snyk_repo.full_name, f"Default branch name changed from {snyk_repo.branch}" \ f" -> {gh_repo_status.repo_default_branch}") - app_print(snyk_repo.org_name, - snyk_repo.full_name, - "Checking if existing default branch was just renamed?") - try: - if snyk_repo.origin == "github": - is_default_renamed = is_default_branch_renamed( - snyk_repo, gh_repo_status.repo_default_branch, - common.GITHUB_TOKEN) - elif snyk_repo.origin == "github-enterprise": - is_default_renamed = is_default_branch_renamed( - snyk_repo, gh_repo_status.repo_default_branch, - common.GITHUB_ENTERPRISE_TOKEN, - True) - - except RuntimeError as err: - raise RuntimeError("Failed to query GitHub repository!") from err - - if not is_default_renamed: - app_print(snyk_repo.org_name, - snyk_repo.full_name, - "It's a different branch, update snyk projects...") - updated_projects = snyk_repo.update_branch( - gh_repo_status.repo_default_branch, - common.ARGS.dry_run) - for project in updated_projects: - if not common.ARGS.dry_run: - app_print(snyk_repo.org_name, - snyk_repo.full_name, - f"Monitored branch set to " \ - f"{gh_repo_status.repo_default_branch} " \ - f"for: {project['manifest']}") - else: - app_print(snyk_repo.org_name, - snyk_repo.full_name, - "Default branch was renamed, updating project branch") - updated_projects = snyk_repo.update_branch( + updated_projects = snyk_repo.update_branch( gh_repo_status.repo_default_branch, common.ARGS.dry_run) - for project in updated_projects: - if not common.ARGS.dry_run: - app_print(snyk_repo.org_name, + for project in updated_projects: + if not common.ARGS.dry_run: + app_print(snyk_repo.org_name, snyk_repo.full_name, f"Monitored branch set to " \ f"{gh_repo_status.repo_default_branch} " \ diff --git a/app/gh_repo.py b/app/gh_repo.py index 2117700..6ac9860 100755 --- a/app/gh_repo.py +++ b/app/gh_repo.py @@ -255,34 +255,3 @@ def get_gh_repo_status(snyk_gh_repo): repo_default_branch ) return repo_status - -def is_default_branch_renamed(snyk_gh_repo, new_branch, github_token, github_enterprise=False): - """detect if default branch has been renamed""" - is_renamed = False - headers = {"Authorization": "Bearer %s"} - headers["Authorization"] = headers["Authorization"] % (github_token) - if not github_enterprise: - request_url = f"https://api.github.com/repos/{snyk_gh_repo.full_name}" \ - f"/branches/{snyk_gh_repo.branch}" - #print("requestURL: " + request_url) - else: - request_url = f"https://{common.GITHUB_ENTERPRISE_HOST}" \ - f"/api/v3/repos/{snyk_gh_repo.full_name}/branches/{snyk_gh_repo.branch}" - try: - response = requests.get(url=request_url, allow_redirects=False, headers=headers) - - if response.status_code in (301, 302): - print('redirect response url: ' + response.headers["Location"]) - if str(response.headers["Location"]).endswith(f"/{new_branch}"): - # print('the redirect is pointing to the new branch') - is_renamed = True - # else: - # print('the redirect is pointing to a different branch') - else: - is_renamed = False - except requests.exceptions.RequestException as err: - print(f"exception trying to determine renamed status: {err.response}") - #log this to file - is_renamed = True - - return is_renamed